<?php
/*********************************************
  CPG Dragonfly™ CMS
  ********************************************
  Copyright © 2004 - 2007 by CPG-Nuke Dev Team
  http://dragonflycms.org

  Dragonfly is released under the terms and conditions
  of the GNU GPL version 2 or any later version
**********************************************/
if (!defined('ADMIN_PAGES')) { exit; }
if (!can_admin('groups')) { die('Access Denied'); }
Dragonfly::getKernel()->L10N->load('forums');
Dragonfly_Page::setTitle('Groups Administration');

$group_id = isset($_GET['gid']) ? intval($_GET['gid']) : 0;

function group_msg($message)
{
	cpg_error($message, 'Groups', URL::admin('groups'));
}

if ('POST' === $_SERVER['REQUEST_METHOD'])
{
	// Ok, they are submitting a group, let's save the data based on if it's new or editing
	if (isset($_POST['delete'])) {
		// Is the group moderating a forum ?
		$row = $db->uFetchAssoc("SELECT auth_mod FROM {$db->TBL->bbauth_access} WHERE group_id={$group_id}");
		if (intval($row['auth_mod']) == 1) {
			// Yes, get the assigned users and update their Permission if they are no longer moderator of one of the forums
			$qr = $db->query("SELECT user_id FROM {$db->TBL->bbuser_group} WHERE group_id={$group_id}");
			while ($row = $qr->fetch_row()) {
				$result = $db->query("SELECT g.group_id FROM ({$db->TBL->bbauth_access} a, {$db->TBL->bbgroups} g, {$db->TBL->bbuser_group} ug)
						WHERE (a.auth_mod = 1) AND (g.group_id = a.group_id) AND (a.group_id = ug.group_id) AND (g.group_id = ug.group_id)
						AND (ug.user_id = ".intval($row[0]).") AND (ug.group_id <> {$group_id})");
				if ($result->num_rows == 0) {
					$db->query("UPDATE {$db->TBL->users} SET user_level=1 WHERE user_level=3 AND user_id=" . intval($row[0]));
				}
			}
		}
		// Delete Group
		$db->query("DELETE FROM {$db->TBL->bbgroups} WHERE group_id={$group_id}");
		$db->query("DELETE FROM {$db->TBL->bbuser_group} WHERE group_id={$group_id}");
		$db->query("DELETE FROM {$db->TBL->bbauth_access} WHERE group_id={$group_id}");
		group_msg('The group has been deleted');
	}
	else {
		$group_type = isset($_POST['group_type']) ? intval($_POST['group_type']) : 0;
		$group_name = isset($_POST['group_name']) ? trim($_POST['group_name']) : '';
		$group_description = isset($_POST['group_description']) ? trim($_POST['group_description']) : '';
		$group_moderator = isset($_POST['username']) ? Fix_Quotes($_POST['username'], true) : '';
		$delete_old_moderator = isset($_POST['delete_old_moderator']) ? true : false;

		if ( $group_name == '' ) {
			cpg_error('No_group_name');
		} else if ( $group_moderator == '' ) {
			cpg_error('No_group_moderator');
		}

		$this_userdata = getusrdata($group_moderator, "user_id");
		$group_moderator = $this_userdata['user_id'];

		if (!$group_moderator) {
			cpg_error('The member '.$group_moderator.' doesn\'t exist');
		}

		if ($group_id) {
			$group_info = $db->uFetchAssoc("SELECT * FROM {$db->TBL->bbgroups} WHERE group_single_user = 0 AND group_id = {$group_id}");
			if(empty($group_info)) {
				cpg_error('The group doesn\'t exist');
			}
			if ( $group_info['group_moderator'] != $group_moderator ) {
				if ( $delete_old_moderator ) {
					$db->query("DELETE FROM {$db->TBL->bbuser_group} WHERE user_id = ".$group_info['group_moderator'].' AND group_id = '.$group_id);
				}
				$result = $db->query("SELECT user_id FROM {{$db->TBL->bbuser_group} WHERE user_id = {$group_moderator} AND group_id = {$group_id}");
				if (!($row = $db->fetchrow($result))) {
					$db->query("INSERT INTO {$db->TBL->bbuser_group} (group_id, user_id, user_pending) VALUES ({$group_id}, {$group_moderator}, 0)");
				}
			}
			$db->query("UPDATE {$db->TBL->bbgroups}
				SET group_type = $group_type, group_name = '" . Fix_Quotes($group_name) . "', group_description = '" . Fix_Quotes($group_description) . "', group_moderator = $group_moderator
				WHERE group_id = $group_id");
			group_msg('The group has been updated');
		}
		else
		{
			$db->query("INSERT INTO {$db->TBL->bbgroups} (group_type, group_name, group_description, group_moderator, group_single_user)
				VALUES ($group_type, '" . Fix_Quotes($group_name) . "', '" . Fix_Quotes($group_description) . "', $group_moderator,		   '0')");
			$new_group_id = $db->insert_id('group_id');
			$db->query("INSERT INTO {$db->TBL->bbuser_group} (group_id, user_id, user_pending) VALUES ($new_group_id, $group_moderator, 0)");
			group_msg('The group has been added');
		}
	}
}

else if (isset($_GET['gid']))
{
	// Ok someone is editing or creating a group
	$TPL = Dragonfly::getKernel()->OUT;
	if (isset($_GET['edit'])) {
		$group = $db->uFetchAssoc('SELECT
			group_id id,
			group_type type,
			group_name name,
			group_description description,
			u.username
		FROM '.$db->TBL->bbgroups.' g
		LEFT JOIN '.$db->TBL->users.' u ON (u.user_id = g.group_moderator)
		WHERE group_single_user = 0 AND group_id='.$group_id);
		if (empty($group)) {
			cpg_error('Group doesn\'t exist');
		}
		$TPL->title = 'Edit group';
		$TPL->group = $group;
	} else {
		$TPL->title = 'Create new group';
		$TPL->group = array ('id'=>0, 'type' => 0, 'name' => '', 'description' => '', 'username' => '');
	}
	$TPL->display('admin/groups/group');
}

else
{
	$TPL = Dragonfly::getKernel()->OUT;
	$TPL->groups = $db->query('SELECT group_id as id, group_name as name FROM '.$db->TBL->bbgroups.' WHERE group_single_user = 0 ORDER BY group_name');
	$TPL->forums_admin  = can_admin('forums');
	$TPL->modules_admin = can_admin('modules');
	$TPL->display('admin/groups/index');
}
